tinc config(?) problems

Ivo Timmermans zarq at spark.icicle.yi.org
Thu Aug 3 19:52:45 CEST 2000


I'm having a bit of a problem getting tinc up and running between a pair of
RedHat (one 6.0, the other 6.1) boxes. It's installed and configured to the
point where they can connect, but I'm not seeing any traffic passing
between the two systems.

System A looks like - 
tinc.conf:
# Sample tinc configuration.
# Insert your own ip numbers instead of the placeholders,
# and be sure to use your own passphrases.
# See man tinc.conf(5) tincd(8) genauth(8), info tinc and
# /usr/doc/tinc-1.0pre2/tinc.conf.sample
TapDevice = /dev/tap0
#ConnectTo = peer.real.ip.number
MyVirtualIP = 192.168.2.1/24
#AllowConnect = no
VpnMask = 255.255.255.0

ifconfig (eth0 is internal): 

eth0      Link encap:Ethernet  HWaddr 00:A0:24:81:B9:15
          inet addr:192.168.2.1  Bcast:192.168.2.255  Mask:255.255.255.0
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:1090148 errors:1 dropped:1 overruns:0 frame:2
          TX packets:1199574 errors:0 dropped:0 overruns:0 carrier:23
          collisions:32828 txqueuelen:100
          Interrupt:9 Base address:0xe400

eth1      Link encap:Ethernet  HWaddr 00:A0:C9:B4:6F:BB
          inet addr:24.27.164.16  Bcast:255.255.255.255  Mask:255.255.255.0
          UP BROADCAST NOTRAILERS RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1355209 errors:1 dropped:0 overruns:0 frame:10
          TX packets:1068137 errors:0 dropped:0 overruns:0 carrier:0
          collisions:12215 txqueuelen:100
          Interrupt:11 Base address:0xd800

tap0      Link encap:Ethernet  HWaddr FE:FD:00:00:00:00
          inet addr:192.168.2.1  Bcast:192.168.2.255  Mask:255.255.255.0
          UP BROADCAST RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:10 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          Interrupt:5

route: 
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
192.168.2.1     0.0.0.0         255.255.255.255 UH    0      0        0 eth0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 tap0
24.27.164.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
10.0.0.0        192.168.2.1     255.0.0.0       UG    0      0        0 tap0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         24.27.164.1     0.0.0.0         UG    0      0        0 eth1

Machine B looks like - 
tinc.conf:
# Sample tinc configuration.
# Insert your own ip numbers instead of the placeholders,
# and be sure to use your own passphrases.
# See man tinc.conf(5) tincd(8) genauth(8), info tinc and
# /usr/doc/tinc-1.0pre2/tinc.conf.sample
TapDevice = /dev/tap0
ConnectTo = halsallnet.penguinpowered.com
MyVirtualIP = 10.254.1.9/32
AllowConnect = no
VpnMask = 255.0.0.0

ifconfig:
eth0      Link encap:Ethernet  HWaddr 00:A0:24:15:B0:F9
          inet addr:10.254.1.9  Bcast:10.254.1.11  Mask:255.255.255.252
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2421976 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1935417 errors:0 dropped:0 overruns:0 carrier:0
          collisions:67520 txqueuelen:100
          Interrupt:7 Base address:0x210

eth1      Link encap:Ethernet  HWaddr 08:00:2B:BC:FE:18
          inet addr:24.29.3.206  Bcast:24.29.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6478886 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2182964 errors:17543 dropped:0 overruns:0 carrier:0
          collisions:14465 txqueuelen:100
          Interrupt:5 Base address:0x300

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1
          RX packets:255 errors:0 dropped:0 overruns:0 frame:0
          TX packets:255 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0

tap0      Link encap:Ethernet  HWaddr FE:FD:00:00:00:02
          inet addr:10.254.1.9  Bcast:10.255.255.255  Mask:255.255.255.252
          UP BROADCAST RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:7 errors:0 dropped:0 overruns:0 frame:0
          TX packets:27 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          Interrupt:5

route:
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
10.254.1.9      0.0.0.0         255.255.255.255 UH    0      0        0 eth0
24.29.3.206     0.0.0.0         255.255.255.255 UH    0      0        0 eth1
10.254.1.8      0.0.0.0         255.255.255.252 U     0      0        0 eth0
10.254.1.8      0.0.0.0         255.255.255.252 U     0      0        0 tap0
192.168.2.0     10.254.1.9      255.255.255.0   UG    0      0        0 tap0
24.29.0.0       0.0.0.0         255.255.0.0     U     0      0        0 eth1
24.27.0.0       24.29.3.206     255.255.0.0     UG    0      0        0 eth1
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         10.254.1.10     0.0.0.0         UG    0      0        0 eth0

I do have ipchains scripts running on both ends, but seeing as how the
gateways can set up a connection, traffic should pass through them. tcpdump
reveals that echo requests get to tap0 on both ends, but no echo replies
are sent.
Any ideas where I screwed up?

Thanks for any help you can provide.

-Mark

--
Mark Halsall                            mark at hccanet.org
Internet Specialist, Hamilton/Clermont Cooperative Association
                   (513) 931-7120, x20     
Personal email should go to <mailto:spanner at cinci.rr.com>.

-
Tinc:         Discussion list about the tinc VPN daemon
Archive:      http://mail.nl.linux.org/lists/
Tinc site:    http://ftp.nl.linux.org/pub/linux/tinc/



More information about the Tinc mailing list